﻿using System;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Linq;
using System.Web;
using VideoClassLibrary.Model;

/// <summary>
/// Summary description for AdminUserBase
/// </summary>
public class AdminUserBase:System.Web.UI.Page
{
    public AdminUserBase()
    {
        //
        // TODO: Add constructor logic here
        //
    }
    /// <summary>
    /// 未登录跳转和界面级权限识别
    /// </summary>
    /// <param name="sender"></param>
    /// <param name="e"></param>
    void AdminUserBase_Load(object sender, EventArgs e)
    {
        if (System.Web.HttpContext.Current.Session["currentAdminUser"] == null)
        {
            Response.Redirect("~/SchoolLogin.aspx?returnUrl=" + this.ReturnBackURL, true);
            return;
            //window.location.target='_perant';

            //Response.Write("<script>top.location.href='/login.aspx';</script>");
            //Response.End();
        }
    }

    public virtual String ReturnBackURL
    {
        get
        {
            if (ViewState["__ReturnBackURL__"] == null)
            {
                ViewState["__ReturnBackURL__"] = "AdminIndex.aspx";
            }
            return Server.UrlEncode(ViewState["__ReturnBackURL__"].ToString());
        }
        set { ViewState["__ReturnBackURL__"] = value; }
    }


    protected override void OnInit(EventArgs e)
    {

        this.Load += new EventHandler(AdminUserBase_Load);
        //SQL防注入攻击
        if (Request.QueryString.Count > 0)
        {
            int loop1;
            NameValueCollection coll = Request.QueryString;
            String[] arr1 = coll.AllKeys;
            for (loop1 = 0; loop1 < arr1.Length; loop1++)
            {
                String[] arr2 = coll.GetValues(arr1[loop1]);
                int loop2;
                for (loop2 = 0; loop2 < arr2.Length; loop2++)
                {
                    string SQL_Repdata = ";--|exec|insert|select|delete|update|count|chr|mid|master|truncate|char|declare|create|drop";
                    String[] arr3 = SQL_Repdata.Split(char.Parse("|"));
                    int loop3;
                    for (loop3 = 0; loop3 < arr3.Length; loop3++)
                    {
                        if (arr2[loop2].ToLower().Trim().IndexOf(arr3[loop3]) > -1)
                        {
                            Response.Write("系统警告：你的行为被系统认定为[非法用户行为]！如有任何疑问,请和网站管理员联系。");
                            Response.End();
                        }
                    }
                }
            }
        }
        base.OnInit(e);

    }
     

    protected override void OnLoad(EventArgs e)
    {
        if (Session["currentAdminUser"] != null)
        {
            base.OnLoad(e);
        }
        else
        {
            Response.Redirect("~/SchoolLogin.aspx?returnUrl=" + this.ReturnBackURL, true);
        }
    }

    public V_adminUser CurrentUser
    {
        get
        {
            if (Session["currentAdminUser"] == null)
            {
                Response.Redirect("~/SchoolLogin.aspx?returnUrl=" + this.ReturnBackURL, true);
            }

            return (V_adminUser)Session["currentAdminUser"];
        }
        set { Session["currentAdminUser"] = value; }
    }

    public int UserID
    {
        get
        {
            return CurrentUser.ID;
        }
    }

    public int SchoolID
    {
        get
        {
            return CurrentUser.SchoolID;
        }
    }

    public string LoginName
    {
        get
        {
            return CurrentUser.VA_loginname;
        }
    }
    public string RealName
    {
        get
        {
            return CurrentUser.VA_realname;
        }
    }
    public int RoleID
    {
        get
        {
            return 1;
            //return CurrentAdminUser.RoleID;
        }
    }
    /// <summary>
    /// 0 运营管理员 1 学校管理员 2课程 3招生负责人  4 网站编辑
    /// </summary>
    public int AdminType
    {
        get
        {
            return CurrentUser.VA_type;
        }
    }
}
